Azure Virtual Network

Overview

The Azure Virtual Network (VNet) is the fundamental building block for your private network in Azure. It enables many types of Azure resources, such as Azure Virtual Machines (VMs), to communicate securely with each other, the internet, and on-premises networks.

Isolate workloads
Secure connectivity with gateways and peering
Customizable address space, subnets, and routing

Address Space & Subnets

Define a CIDR block for the VNet and divide it into subnets for logical segmentation.

resource "azurerm_virtual_network" "example" {
  name                = "example-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

resource "azurerm_subnet" "subnet1" {
  name                 = "subnet1"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
}

VNet Peering

Connect VNets in the same or different regions for seamless traffic flow.

resource "azurerm_virtual_network_peering" "peer" {
  name                         = "vnet1-to-vnet2"
  resource_group_name          = azurerm_resource_group.rg.name
  virtual_network_name         = azurerm_virtual_network.vnet1.name
  remote_virtual_network_id    = azurerm_virtual_network.vnet2.id
  allow_forwarded_traffic      = true
  allow_gateway_transit        = false
  use_remote_gateways          = false
}

VPN Gateways

Establish site‑to‑site or point‑to‑site VPN connections to on‑premises networks.

resource "azurerm_virtual_network_gateway" "vpn" {
  name                = "example-gateway"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  type                = "Vpn"
  vpn_type            = "RouteBased"
  sku                 = "VpnGw1"
  ip_configuration {
    name                          = "vnetGatewayConfig"
    public_ip_address_id          = azurerm_public_ip.gw.id
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.gateway.id
  }
}

Frequently Asked Questions

Can a VNet span multiple regions?

Yes, using Global VNet Peering you can connect VNets across Azure regions.

What is the default DNS for a VNet?

Azure provides an internal DNS service that resolves VM names within the VNet.

How many subnets can a VNet contain?

A single VNet can contain up to 10,000 subnets.